Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Thu,  8 Sep 2016 13:17:37 -0400 (EDT)
From: cve-assign@...re.org
To: dmoppert@...hat.com
Cc: cve-assign@...re.org, oss-security@...ts.openwall.com
Subject: Re: CVE request: libarchive (pre 3.2.0) denial of service with gzip quine

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> This was fixed in libarchive 3.2.0, but never got a CVE.
> 
> Upstream ticket:
> 
> https://github.com/libarchive/libarchive/issues/660
> 
> Original report:
> 
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207362

Use CVE-2016-7166.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJX0ZzHAAoJEHb/MwWLVhi2eIsP/RiYpHsHUUOkbj4ZwPiaeUri
FdB3DXqHIw7rh8sUFFWiwBuYVhOINLyEwAz9mHU9lqjMLNGvbgcA9++bC6506n6B
qVc8KQtMzOFtanRlC221OBccjFrYquKXmJYMcyPj4L9/0PQhZY7WIXY45kAgad7Y
0ihdIkcfDZoCogVRMU68+Z1tpzKsU/VjHAjRX78vP7DxqSuhOinI3Bs+NIM8UwY8
E/oyutjKbFqLxqe3ggOtXh/MYniWD11RaL4xt2k4wVOgJia01YJ+xDlRvES4iMON
meFsRIGWeRhHSY1sg4WYyONzb7H/HX0QuODsTr6vF7CaDjiwL4145bjhoP9Icb5n
BZEBrtnjjEFwJENwI13lrmQpdV/HL4hFJ20AuYxTPlKvneV2zlZ72s7wxxqsuo5G
kUKH5e48cZ8CG+JKkF0it86wszqA/5RIgH1rOaexMLi3Gc56b52S6GxOqJA79LQZ
P5xSPSgZRxTzblUyqF53fLV1sVKwvGLOgxWPcwbF4IeTH8bNt0w8vuIMnnMplKuS
KYEvoutuNi2E8mmD8xIQ8V96/Oqxth/IO31EQL+GozTOBzH4o8SFi8QodPtfmp/i
9jJEP1xn0tn26t7v8Wz6BS2jCr7SvqOynZXO/Ymichhg5VIFFZd/LTH7LMDx336H
XD+j8qjHOKLO8GPz7O7z
=VcJZ
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.